$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/XMA68_l1ZI4pXAGBpHPj7jYdvik.roa File: XMA68_l1ZI4pXAGBpHPj7jYdvik.roa (raw, json) Hash identifier: C0n+J6Ykgh+j/g4MpqYiBqRRCssYEOXaYZS+AJ7tRg8= Subject key identifier: 5C:C0:3A:F3:F9:75:64:8E:29:5C:01:81:A4:73:E3:EE:36:1D:BE:29 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 024E Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/XMA68_l1ZI4pXAGBpHPj7jYdvik.roa Signing time: Wed 16 Jul 2025 10:01:54 +0000 ROA not before: Wed 16 Jul 2025 10:01:54 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 137508 IP address blocks: 103.118.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 590 (0x24e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 16 10:01:54 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=5CC03AF3F975648E295C0181A473E3EE361DBE29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c6:21:67:f5:fa:9e:e6:bb:e1:12:db:2c:c7: f8:45:c6:d0:3e:f2:b1:27:8e:12:e8:97:3e:c0:9f: 55:c6:d5:e6:e7:c4:6f:45:cc:c3:3c:c7:91:a1:2e: bc:66:cc:10:1c:1f:89:09:0b:4b:39:9f:d1:24:d2: d1:4f:6f:6f:a3:61:09:f7:58:2c:8e:64:cb:73:41: 00:8f:e5:a2:27:1a:b0:9d:56:ea:69:5e:d3:ca:dd: ed:bb:32:ce:15:30:d5:f4:d9:21:ba:30:a1:fc:ba: de:ae:d7:89:d7:b8:ef:4c:66:e0:87:5c:59:6d:20: e1:28:c9:18:4c:d9:5a:46:02:69:f9:96:d5:5e:35: dc:1d:e8:2c:bc:c8:54:46:32:ad:3a:4d:a1:6c:d8: f0:20:9f:20:63:25:32:6a:32:ab:99:fd:b6:55:bd: 6e:55:27:6c:8b:22:c8:05:21:47:f0:02:26:b5:dd: e0:11:06:f8:66:c0:2c:8c:ca:e6:78:4c:b0:b6:e6: 3f:a7:df:7b:74:8e:ea:b0:b2:28:44:7a:86:7e:7a: a1:d3:e1:15:6a:32:8f:b8:c7:b4:6e:42:18:d9:fd: cb:76:57:17:97:90:47:88:88:49:0f:82:0c:6f:9c: 0c:52:31:a5:f6:45:78:68:8e:57:95:d0:4e:9c:0b: 40:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:C0:3A:F3:F9:75:64:8E:29:5C:01:81:A4:73:E3:EE:36:1D:BE:29 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/XMA68_l1ZI4pXAGBpHPj7jYdvik.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.118.212.0/22 Signature Algorithm: sha256WithRSAEncryption 2e:3d:7b:db:69:9f:7e:c6:ff:c3:b3:02:7e:16:9b:1f:e3:e8: ac:4e:28:06:64:cb:00:1a:96:61:fd:d1:42:fc:7d:7e:de:47: d1:d6:ae:79:56:b2:a7:52:11:ce:d6:f3:31:fc:a7:66:29:88: 96:0f:aa:67:42:76:a8:19:62:00:ae:8d:1f:aa:6a:44:3f:03: 51:2f:d3:56:be:b5:c5:73:ef:9e:05:91:51:71:67:52:0f:92: a3:99:9f:df:96:c2:82:e4:1d:59:13:8f:93:0c:4a:a8:3b:09: a3:eb:38:f1:ff:40:7e:f4:a8:7f:b5:a9:b5:93:36:e5:36:23: 09:eb:63:d4:ef:23:fe:0d:82:e4:c1:c5:68:7c:52:d0:c4:ec: 69:b4:7f:3c:b3:b3:0b:06:ba:39:74:32:f5:a1:d2:e6:30:a7: 55:84:96:39:bd:59:ff:9c:b1:a2:ad:98:b9:40:5b:f8:49:24: 78:5b:6d:ec:0e:1e:49:26:1a:b5:28:a3:e7:93:53:b2:f2:8d: f4:02:fb:12:75:f3:9e:95:bd:00:27:95:ae:bc:fd:87:ef:45: a1:80:97:a3:8d:81:fd:c8:ee:d3:7d:06:58:7b:eb:16:9b:39: c0:6e:56:2e:f7:e2:58:1d:2a:f2:88:8f:96:d5:77:b2:f5:1a: 22:d9:40:3e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MTYx MDAxNTRaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDVDQzAzQUYzRjk3NTY0 OEUyOTVDMDE4MUE0NzNFM0VFMzYxREJFMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyxiFn9fqe5rvhEtssx/hFxtA+8rEnjhLolz7An1XG1ebnxG9F zMM8x5GhLrxmzBAcH4kJC0s5n9Ek0tFPb2+jYQn3WCyOZMtzQQCP5aInGrCdVupp XtPK3e27Ms4VMNX02SG6MKH8ut6u14nXuO9MZuCHXFltIOEoyRhM2VpGAmn5ltVe Ndwd6Cy8yFRGMq06TaFs2PAgnyBjJTJqMquZ/bZVvW5VJ2yLIsgFIUfwAia13eAR BvhmwCyMyuZ4TLC25j+n33t0juqwsihEeoZ+eqHT4RVqMo+4x7RuQhjZ/ct2VxeX kEeIiEkPggxvnAxSMaX2RXhojleV0E6cC0DNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXMA68/l1ZI4pXAGBpHPj7jYdvikwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvWE1BNjhfbDFaSTRw WEFHQnBIUGo3allkdmlrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd21DANBgkqhkiG9w0BAQsFAAOCAQEALj1722mffsb/w7MCfhabH+PorE4o BmTLABqWYf3RQvx9ft5H0daueVayp1IRztbzMfynZimIlg+qZ0J2qBliAK6NH6pq RD8DUS/TVr61xXPvngWRUXFnUg+So5mf35bCguQdWROPkwxKqDsJo+s48f9AfvSo f7WptZM25TYjCetj1O8j/g2C5MHFaHxS0MTsabR/PLOzCwa6OXQy9aHS5jCnVYSW Ob1Z/5yxoq2YuUBb+EkkeFtt7A4eSSYatSij55NTsvKN9AL7EnXznpW9ACeVrrz9 h+9FoYCXo42B/cju030GWHvrFps5wG5WLvfiWB0q8oiPltV3svUaItlAPg== -----END CERTIFICATE-----Generated at Sun Jul 20 12:43:20 2025 by rpki-client